The sbomify Blog
Content for software, product, and digital security experts
Blog
Understanding Sigstore: Securing the Software Supply Chain
Summary: In an era where software supply chain attacks are becoming more common and sophisticated, Sigstore represents a critical advancement in securing software development practices. By lowering the...
Understanding Lock File Drift: A Hidden Risk in Dependency Management
In the world of software development, managing dependencies is crucial for ensuring the stability and security of applications. One often overlooked aspect of this process is the phenomenon...
How to Generate SBOMs for Python Packages with `pipdeptree` and `cyclonedx-py`
Software Bill of Materials (SBOMs) are essential for ensuring transparency and security in software supply chains. This guide will show you how to use pipdeptree and cyclonedx-py to...
Embracing Cybersecurity with CISA's 'Secure by Design' Initiative
In the ever-evolving landscape of cyber threats, the importance of integrating robust security measures into the earliest stages of software development cannot be overstated. Recognizing this need, the...
What's New in SPDX 3: Enhanced Referencing Capabilities
At sbomify, we pride ourselves on providing the latest insights and updates in the realm of Software Bill of Materials (SBOM). One of the most anticipated developments is...
Understanding the EU Cyber Resilience Act: The Role of SBOMs in Enhancing Cybersecurity
In an era where digital transformation is the norm, cybersecurity has become a paramount concern for organizations and governments worldwide. The European Union (EU) is at the forefront...
The Role of SBOMs in an OBOM: Ensuring Compliance and Security in Smart Thermometer Development
In today’s software landscape, compliance with security and transparency mandates is more critical than ever. Executive orders, such as the one issued by the U.S. government in May...
Enhancing Dependency Management with GitHub's Dependency Graph: An Analysis
Introduction
Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM)
As the digital world grows ever more complex, the tools we use to ensure software security and transparency must evolve. The 2nd edition of Framing Software Component Transparency:...
Get the latest SBOMs from the top 15 most popular images on Docker Hub
Most companies that use Docker also use Docker Hub in some capacity. Have you ever wondered how secure these images are? In our article Comprehensive Guide to Generating...
Comprehensive Guide to Generating and Understanding SBOMs with Docker and Django-CMS
It’s fair to say that SBOMs (Software Bill of Materials) is a rapidly emerging field. Many vendors, like Docker and GitHub, now offer tools to automatically generate SBOMs...
Call for Views on the Code of Practice for Software Vendors: Ensuring Security and Resilience
The UK government has launched a call for views on a new voluntary Code of Practice for Software Vendors. This initiative aims to enhance the security and resilience...